First commit. Taken from open source branch of internal sample-tracking application.

deploy/datomic/Dockerfile

@@ -0,0 +1,29 @@
+FROM naartjie/alpine-lein
+
+# Based on pointslope/datomic-pro-starter
+# https://hub.docker.com/r/pointslope/datomic-pro-starter/dockerfile
+
+MAINTAINER Mike Travers "mtravers@parkerici.org"
+
+# Set the version to the one you're downloading.
+ENV DATOMIC_VERSION=1.0.6202
+ENV DATOMIC_HOME /opt/datomic-pro-$DATOMIC_VERSION
+ENV DATOMIC_DATA $DATOMIC_HOME/data
+
+RUN apk add --no-cache unzip curl
+
+# Datomic Pro Starter as easy as 1-2-3
+# 1. Download a release from my.datomic.com and put it in the releases folder
+ADD releases/datomic-pro-1.0.6202.zip /tmp/datomic.zip
+
+RUN  unzip /tmp/datomic.zip -d /opt \
+  && rm -f /tmp/datomic.zip
+
+WORKDIR $DATOMIC_HOME
+RUN echo DATOMIC HOME: $DATOMIC_HOME
+
+# 3. Provide a CMD argument with the relative path to the
+# transactor.properties file it will supplement the ENTRYPOINT
+VOLUME $DATOMIC_DATA
+
+EXPOSE 4334 4335 4336

deploy/datomic/create_test_db.clj

@@ -0,0 +1,4 @@
+;;; Run by CI to create a local database
+
+(require 'datomic.api)
+(datomic.api/create-database "datomic:dev://localhost:4334/ereq-test")

deploy/datomic/dev-transactor.properties.template

@@ -0,0 +1,22 @@
+# transactor properties for local dev instances (and CI)
+
+###################################################################
+
+protocol=dev
+host=localhost
+port=4334
+
+###################################################################
+# See https://docs.datomic.com/on-prem/storage.html
+
+license-key=${DATOMIC_LICENSE_KEY}
+
+
+###################################################################
+# See https://docs.datomic.com/on-prem/capacity.html
+
+
+## Recommended settings for -Xmx1g usage, e.g. dev laptops.
+memory-index-threshold=32m
+memory-index-max=256m
+object-cache-max=128m

deploy/k8s/datomic/peer-service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: datomic-peer
+  name: datomic-peer
+spec:
+  ports:
+    - name: datomic-peer
+      port: 8998
+      protocol: TCP
+      targetPort: 8998
+  selector:
+    app: datomic-peer

deploy/k8s/datomic/peer-template.yaml

@@ -0,0 +1,26 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: datomic-peer
+  labels:
+    app: datomic-peer
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: datomic-peer
+  template:
+    metadata:
+      labels:
+        app: datomic-peer
+    spec:
+      containers:
+        - name: datomic-peer
+          image: gcr.io/pici-ereq/datomic:1.0.6202
+          imagePullPolicy: Always
+          command: [ "./bin/run", "-m", "datomic.peer-server", "-h", "0.0.0.0", "-p", "8998", "-a", "myaccesskey,mysecret", "-d", "sample-tracking,datomic:sql://sample-tracking?jdbc:postgresql://$POSTGRES_IP:5432/datomic?user=datomic&password=datomic" ]
+          ports:
+            - containerPort: 8998
+          env:
+            - name: POSTGRES_IP
+              value: ${POSTGRES_IP}

deploy/k8s/datomic/transactor-props.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: datomic-transactor-properties
+type: Opaque
+data:
+  transactor.properties: ${B64_TRANSACTOR_PROPS}

deploy/k8s/datomic/transactor-service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: datomic-transactor
+  labels:
+    app: datomic-transactor
+spec:
+  ports:
+    - name: datomic-transactor
+      protocol: TCP
+      port: 4334
+      targetPort: 4334
+  selector:
+    app: datomic-transactor

deploy/k8s/datomic/transactor.yaml

@@ -0,0 +1,31 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: datomic-transactor
+  labels:
+    app: datomic-transactor
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: datomic-transactor
+  template:
+    metadata:
+      labels:
+        app: datomic-transactor
+    spec:
+      volumes:
+        - name: transactor-properties
+          secret:
+            secretName: datomic-transactor-properties
+      containers:
+        - name: datomic-transactor
+          image: gcr.io/pici-ereq/datomic:1.0.6202
+          imagePullPolicy: Always
+          command: [ "./bin/transactor", "config/transactor.properties" ]
+          ports:
+            - containerPort: 4334
+          volumeMounts:
+            - name: transactor-properties
+              mountPath: /opt/datomic-pro-1.0.6202/config/transactor.properties
+              subPath: transactor.properties

deploy/k8s/sample-tracking/app-cert-dev.yaml

@@ -0,0 +1,7 @@
+apiVersion: networking.gke.io/v1beta2
+kind: ManagedCertificate
+metadata:
+  name: ereq-cert-dev
+spec:
+  domains:
+    - dev-ereq.parkerici.org

deploy/k8s/sample-tracking/app-cert-prod.yaml

@@ -0,0 +1,7 @@
+apiVersion: networking.gke.io/v1beta2
+kind: ManagedCertificate
+metadata:
+  name: ereq-cert-prod
+spec:
+  domains:
+    - ereq.parkerici.org

deploy/k8s/sample-tracking/app-ingress-template.yaml

@@ -0,0 +1,14 @@
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: ereq-ingress
+  annotations:
+    kubernetes.io/ingress.allow-http: "false"
+    kubernetes.io/ingress.global-static-ip-name: ereq-${ENVIRONMENT}
+    networking.gke.io/managed-certificates: ereq-cert-${ENVIRONMENT}
+  labels:
+    app: sample-tracking
+spec:
+  backend:
+    serviceName: sample-tracking-service
+    servicePort: 80

deploy/k8s/sample-tracking/app-service.yaml

@@ -0,0 +1,26 @@
+apiVersion: cloud.google.com/v1
+kind: BackendConfig
+metadata:
+  name: ereq-backend-config
+spec:
+  timeoutSec: 60
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: sample-tracking-service
+  labels:
+    app: sample-tracking
+  annotations:
+    beta.cloud.google.com/backend-config: '{"default": "ereq-backend-config"}'
+spec:
+  type: NodePort
+  selector:
+    app: sample-tracking
+    tier: web
+  ports:
+    - name: http
+      port: 80
+      protocol: TCP
+      targetPort: 8989
+  sessionAffinity: ClientIP

deploy/k8s/sample-tracking/app-template.yaml

@@ -0,0 +1,97 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: sample-tracking-app
+  labels:
+    app: sample-tracking
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: sample-tracking
+  template:
+    metadata:
+      labels:
+        app: sample-tracking
+        tier: web
+    spec:
+      volumes:
+        - name: google-application-credentials
+          secret:
+            secretName: google-application-credentials
+        - name: firebase-application-credentials
+          secret:
+            secretName: firebase-application-credentials
+      containers:
+        - name: sample-tracking-app
+          image: gcr.io/pici-ereq/sample-tracking:${DEPLOY_VERSION}
+          imagePullPolicy: Always
+          command: [ "java" ]
+          args: [ "-Xss4096k", "-Xmx23G", "-jar", "sample-tracking-standalone.jar", "server", "-p", "8989" ]
+          resources:
+            requests:
+              memory: "24Gi"
+          ports:
+            - containerPort: 8989
+          livenessProbe:
+            httpGet:
+              path: /api/health
+              port: 8989
+            initialDelaySeconds: 30
+            timeoutSeconds: 1
+          readinessProbe:
+            httpGet:
+              path: /api/health
+              port: 8989
+            initialDelaySeconds: 30
+            timeoutSeconds: 1
+          volumeMounts:
+            - name: google-application-credentials
+              mountPath: /credentials/service-account.json
+              subPath: service-account.json
+            - name: firebase-application-credentials
+              mountPath: /credentials/firebase-credentials.json
+              subPath: firebase-credentials.json
+          env:
+            - name: DEPLOY_ENVIRONMENT
+              value: default
+            - name: DATOMIC_ACCESS_KEY
+              value: myaccesskey
+            - name: DATOMIC_SECRET
+              value: mysecret
+            - name: DATOMIC_DB_NAME
+              value: sample-tracking
+            - name: DATOMIC_ENDPOINT
+              value: datomic-peer:8998
+            - name: MANIFEST_EMAIL_RECIPIENT
+              value: ${MANIFEST_EMAIL_RECIPIENT}
+            - name: MANIFEST_EMAIL_SENDER
+              value: ereq-admin@parkerici.org
+            - name: SEND_MANIFEST_EMAILS
+              value: "true"
+            - name: GOOGLE_APPLICATION_CREDENTIALS
+              value: "/credentials/service-account.json"
+            - name: FIREBASE_JS_APPLICATION_CREDENTIALS
+              value: "/credentials/firebase-credentials.json"
+            - name: SEND_VENDOR_EMAILS
+              value: "${SEND_VENDOR_EMAILS}"
+            - name: OAUTH_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: google-oauth
+                  key: id
+            - name: OAUTH_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: google-oauth
+                  key: secret
+            - name: SENDGRID_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: sendgrid-api
+                  key: key
+            - name: API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: ereq-auth
+                  key: key

deploy/k8s/sample-tracking/deploy-job-template.yaml

@@ -0,0 +1,32 @@
+# Job to run deploy tasks before actual deploy.
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: deploy-tasks
+spec:
+  template:
+    metadata:
+      name: deploy-tasks
+      labels:
+        name: deploy-tasks
+    spec:
+      restartPolicy: Never
+      containers:
+        - name: deploy-tasks-runner
+          image: gcr.io/pici-ereq/sample-tracking:${DEPLOY_VERSION}
+          imagePullPolicy: Always
+          command: [ "/bin/sh", "-c", "java -jar sample-tracking-standalone.jar predeploy" ]
+          ports:
+            - containerPort: 8989
+          env:
+            - name: DEPLOY_ENVIRONMENT
+              value: default
+            - name: DATOMIC_ACCESS_KEY
+              value: myaccesskey
+            - name: DATOMIC_SECRET
+              value: mysecret
+            - name: DATOMIC_DB_NAME
+              value: sample-tracking
+            - name: DATOMIC_ENDPOINT
+              value: datomic-peer:8998
+  backoffLimit: 1

deploy/k8s/sample-tracking/google-oauth.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: google-oauth
+type: Opaque
+data:
+  id: ${B64_OAUTH_CLIENT_ID}
+  secret: ${B64_OAUTH_CLIENT_SECRET}

deploy/k8s/sample-tracking/sendgrid-api.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: sendgrid-api
+type: Opaque
+data:
+  key: ${B64_SENDGRID_API}